Improper Access Control Vulnerability in Formbricks by Formbricks
CVE-2026-14792

6.9MEDIUM

Key Information:

Vendor

Formbricks

Vendor
CVE Published:
6 July 2026

What is CVE-2026-14792?

A security vulnerability has been identified in Formbricks version 5.0.0, specifically affecting the Survey Handler component. The vulnerability exists due to insufficient access controls resulting from improper handling in the file apps/web/modules/survey/link/actions.ts. This flaw allows remote exploitation, potentially leading to unauthorized access and manipulation of the affected system. Users are strongly advised to upgrade to version 5.1.0-rc.1 to mitigate this security risk.

Affected Version(s)

Formbricks 5.0.0

Formbricks 5.1.0-rc.1

References

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

geochen (VulDB User)
.